CLOUD SECURITY ANALYST - HYBRID

Division of Information Technology

This is a professional Information Technologies (IT) position responsible for supporting the integrity, confidentiality, and availability of cloud-hosted systems and data. The Cloud Security Analyst focuses on securing cloud environments through security operations, identity and access governance, incident response, and compliance/audit support. The role partners closely with cloud platform teams, engineering teams, and information security teams to improve cloud security posture while maintaining primary focus on cloud security responsibilities.

Duties include, but are not limited to:

-Monitor and triage cloud security signals (alerts, findings, and risk indicators) across cloud platforms and cloud-native services. Coordinate analysis, prioritization, and remediation of cloud security issues with technical teams, and contribute to operational playbooks/runbooks to improve response consistency and reduce recurring risk.

-Support governance of cloud identity and access, including least-privilege access models, role and permission design, privileged access workflows, and periodic access reviews. Work to reduce over-privilege and strengthen auditability of access to cloud resources.

-Participate in and support incident response for cloud security events, including investigation support (scope/impact), containment recommendations, recovery coordination, and after-action documentation. Maintain cloud-focused response procedures and assist in readiness activities

-Provide security support for cloud compliance obligations and audit activities by gathering evidence, explaining control implementations, and validating control operation (e.g., logging, encryption, access controls). Assist with control mapping and documentation to support internal policies and applicable regulatory requirements.

-Develop, document, and help operationalize cloud security standards and baseline controls to prevent misconfiguration and improve security by default (e.g., logging baselines, encryption expectations, secure network patterns, and approved service configurations). Translate security requirements into actionable guidance and repeatable implementation patterns for cloud teams.

Monday - Friday, 8am - 5pm

Evening, weekend and call-in work may be required to meet deadlines and correct system failures.

-Experience supporting or securing cloud-hosted services or workloads, including exposure to cloud identity/access controls, cloud logging/monitoring, and cloud security risk management.

-Professional experience supporting and securing a production IT operating environment, with direct involvement in security monitoring, triage, and remediation coordination.

-Working knowledge of cloud security concepts and operating models, including shared responsibility, cloud-native service risks, and common cloud security control areas (identity, logging/monitoring, encryption, and network exposure).

-Demonstrated knowledge of identity and access management principles, including least-privilege access, role/permission design, privileged access, and periodic access review processes.

-Ability to identify, analyze, and communicate security risk, including interpreting security findings (alerts, vulnerability or misconfiguration results) and driving remediation with technical teams.

-Knowledge of incident response fundamentals, including triage, containment support, recovery coordination, and after-action documentation.

-Knowledge of security governance, compliance, and audit support practices, including collecting evidence, explaining control implementation, and validating control operation (e.g., logging, encryption, access controls).

-Proven ability to develop and maintain clear security documentation such as standards, procedures, runbooks/playbooks, and control narratives.

-Ability to work independently under limited supervision, manage time appropriately, handle multiple assignments, and adapt to changing priorities.

Salary Range: $53,933 - $83,335 Commensurate with experience

University Title: Security Analyst

Internal applicants can determine their University title by accessing the Talent profile tile in myHR.

Visa Sponsorship Information:
Applicants must be authorized to work in the United States. The University will not sponsor applicants for this position for employment visas.

Preference will be given for someone who can work a hybrid schedule and come to Columbia, MO as needed.

This position is eligible for University benefits. As part of your total compensation, the University offers a comprehensive benefits package, including medical, dental and vision plans, retirement, paid time off, short- and long-term disability, paid parental leave, paid caregiver leave, and educational fee discounts for all four UM System campuses. For additional information on University benefits, please visit the Faculty & Staff Benefits website at https://www.umsystem.edu/totalrewards/benefits.

Equal Employment Opportunity

The University of Missouri is an Equal Opportunity Employer.

To request ADA accommodations, please call the Director of Accessibility and ADA at 573-884-7278.